Search:

Type: Posts; User: ntguru

Page 1 of 2 1 2

Search: Search took 0.02 seconds.

  1. Thanks.

    Thanks.
  2. A bit more update: disabling and enabling the IPS...

    A bit more update: disabling and enabling the IPS app did not fix the behavior. Rebooting the appliance did.
  3. So an update: something is definitely weird with...

    So an update: something is definitely weird with the IPS module. I have made zero configuration changes recently to UTGW but it has suddenly gone from scanning after network rules to scanning...
  4. Please post back what you hear. Unfortunately,...

    Please post back what you hear. Unfortunately, testing/validating the status of IPS isn't the easiest thing.

    On a potentially related note, yesterday my U25 stopped passing traffic and wouldn't...
  5. That's why I was posting.... I was hoping someone...

    That's why I was posting.... I was hoping someone from Untangle or one of the Untangle experts would see this and post. I imagine there must be log files somewhere outside the normal UI that might...
  6. What HW is your home untangle running? Does it...

    What HW is your home untangle running? Does it have inbound port forwards?
  7. San, have you tried rebooting your U25x? I...

    San, have you tried rebooting your U25x?

    I also think the IPS itself is failing, not just the reporting.
  8. IPS randomly stopping working without an alert?

    I have a modest Untangle setup at home that is giving me issues. I'm running on a U25 appliance and the load is very low. Untangle is running in routed/NAT mode and has one inbound port forward set...
  9. Replies
    1
    Views
    2,019

    Have you tried rebooting your Untangle? I had a...

    Have you tried rebooting your Untangle? I had a similar issue after I turned on IPS scanning after network processing; ie, it seemed IPS was still pre-scanning not post-scanning. After rebooting,...
  10. Thank you. Updated config.

    Thank you. Updated config.
  11. DOH! Updated.

    DOH! Updated.
  12. Untangle Intrusion Preventi - limiting logging/alerts, only 80/443 are port forwarded

    Hi all,

    Have a couple networks/VLANs behind an Untangle gateway and need to port forward http & https (tcp ports 80 & 443) in to a web server. So we'd like to enable Intrusion Prevention. ...
  13. Replies
    8
    Views
    156

    Thanks to both of you. Updating this with more...

    Thanks to both of you. Updating this with more info for others who may search it later.

    I had added the IP alias of 1.1.1.172 to the ext interface before, but I think something wasn't right...
  14. Replies
    8
    Views
    156

    sky-night's suggestion of adding an additional...

    sky-night's suggestion of adding an additional condition of destination interface Ext appears to have resolved the outbound issue. That also made the inbound port forward work as expected. I'm not...
  15. Replies
    8
    Views
    156

    FWIW, I was following the Wiki for 1-1 NAT here:...

    FWIW, I was following the Wiki for 1-1 NAT here:

    https://wiki.untangle.com/index.php/1:1_NAT

    See my original post: on the untangle ext int, I've configured 1.1.1.170/29. Is there something...
  16. Replies
    8
    Views
    156

    Do you mean the GW of the test hyper-V server...

    Do you mean the GW of the test hyper-V server (ie, the guest)? If so, GW was 10.1.1.1 when using Untangle. When I tested with the EdgeRouter I switched temporarily to 10.1.1.2. To clarify, the...
  17. Replies
    8
    Views
    156

    Outbound NAT / Inbound PAT not working

    Hi All,

    I've got a /29 public IP range. Untangle (latest version) is my primary firewall/gateway -- let's pretend 1.1.1.170 and 10.1.1.1 internal. I've got a Ubiquiti EdgeRouter in...
  18. Replies
    4
    Views
    266

    I have a u25 appliance and with the 14.2 upgrade,...

    I have a u25 appliance and with the 14.2 upgrade, I suddenly stopped getting the daily reports. Then, very recently, I started getting ones quite a few days old at random and intermittent intervals....
  19. Replies
    2
    Views
    379

    So I'll answer my own question. I disabled IP...

    So I'll answer my own question. I disabled IP and the bump is gone. I'm assuming it must have been downloading new rules at 4am and then updating and processing them, or some other maintenance item.
  20. Replies
    2
    Views
    379

    U25x CPU bump every day 4am-7am

    I have Untangle home running on a U25x appliance. In the standard daily email reports, the CPU usage jumps from basically just above zero to 1% and stay there until 7am. Everyone's asleep then, and...
  21. There are shades of grey between an absolute...

    There are shades of grey between an absolute HIPAA/etc type emergency threat (Emotet) and a browser toolbar that sends no data but pops up ads from time to time. In a perfect world, neither of these...
  22. I agree that there doesn't appear to be anything...

    I agree that there doesn't appear to be anything relevant (malicious or otherwise) going on at the URL now. Obviously, it's still useful to be classified as malicious by Untangle because it could...
  23. Yes to what Sam Graf was saying. Usually if...

    Yes to what Sam Graf was saying. Usually if something as widespread as Emotet or its traveling companions is using a FQDN for C&C, you'd expect to see stuff all over Google about it. So I'm trying...
  24. Thank you for replying quickly. At least a...

    Thank you for replying quickly.

    At least a couple of the machines reported by Untangle to be hitting this URL have scanned clean, even with an offline (*nix-based) boot scan/clean such as Norton...
  25. Malware Distribution Site "http://dc.ct-scout.net/"

    On a network that had a pretty bad worm/Trojan infection, untangle is reporting quite a few PCs being blocked for Malware Distribution site of "http://dc.ct-scout.net/". Whenever I try to google...
Results 1 to 25 of 45
Page 1 of 2 1 2

SEO by vBSEO 3.6.0 PL2